Hello all,
sit (ipv4 in ipv6, for example) tunnels and consequently ipip seem to have
been implemented in a very weird fashion.
For example, if you want to set up three tunnels to three sites, you must
do like [this could also be done using one pseudo-interface sit0, but it
has it's own problems too]:
# ifconfig sit0 up
# ifconfig sit0 tunnel ::1.1.1.1
# ifconfig sit1 up
# ifconfig sit1 tunnel ::2.2.2.2
# ifconfig sit2 up
# ifconfig sit2 tunnel ::3.3.3.3
However, if you would want to disable e.g. sit0 temporarily, you'd have to
do:
# ifconfig sit0 up
# ifconfig sit0 tunnel ::2.2.2.2
# ifconfig sit1 up
# ifconfig sit1 tunnel ::3.3.3.3
Ie: shift interfaces up so that there are no "free interface slots".
You seem to be able to allocate the next tunnel only after the previous
one has been used too.
This can be very annoying if you have any services, e.g. firewall rules,
routing protocols, or anything "bound" in configuration to specific
interfaces.
IMHO, tunnels should work more like interface aliases: you shouldn't need
to assign them in consecutive order.
FWIW, in FreeBSD tunnels ('gif') seem to work in a "sane" fashion.
Are there any technical hindrances for this kind of approach? Or didn't
anybody really need this so much as to spend time for doing it "right" ?
:-)
Please Cc:.
--
Pekka Savola "Tell me of difficulties surmounted,
Netcore Oy not those you stumble over and fall"
Systems. Networks. Security. -- Robert Jordan: A Crown of Swords